Nabi Nur
Email:
ad0xfw@r.postjobfree.com
Cell # 323-***-****
Profile Summary
Diligent IT professional with a career of more than 10 years, adeptly serving as a SOC security analyst, cyber security analyst, cloud security analyst, data analyst, and systems analyst. Proficient in leveraging customer-centric strategies to elevate user experiences, optimizing quality standards, and adeptly navigating dynamic environments for robust growth. Recognized for consistently achieving objectives, surpassing established timelines, and enhancing overarching performance benchmarks.
Technical Skills
Microsoft Defender for cloud, Microsoft Sentinel, SIEM, Azure Log Analytics
Azure CAF, Azure Well-Architected Framework
Microsoft Entra ID (Azure AD), PIM, IAM, RBAC, MFA
Azure Workbooks
ATT&CK, OWASP, HIPAA, NIST, HITRUST, ISO, PII, PCI DSS, FINRA, FedRAMP High
Project Management, Agile/Scrum
Vulnerability assessment, Event log evaluation
Azure DevOps Security, Azure DevOps, CI/CD, Configuration, GitHub
Malware, viruses, worms, trojan horses, and spyware
Microsoft Cloud Security Benchmark, Azure Security Benchmark, Azure Policy and Blueprints
Azure Security alert monitoring
Microsoft Azure Cloud products and services
Certifications
AWS Certified Solution Architect Associate
Education
Master of Science, Public Administration
Bachelor of Science, Public Administration, Computer Science
Professional Experience
J and J, New Brunswick, NJ
SOC Security Analyst
Incident Response Analyst
Cyber Security Analyst
October 2021 – Present
State Farm Insurance, Bloomington, IL
SOC Security Analyst
Incident Response Analyst
Cloud Security Consultant
April 2020 – October 2021
Identify and ingest indicators of compromise (IOCs), e.g., malicious IPs/URLs, etc., into network tools/applications.
Stay up to date with current vulnerabilities, attacks, and countermeasures through security blogs and internal news reports from CISA, DHS, Akamai
Conducted periodic security audits and vulnerability assessments to identify and mitigate potential security risks.
Perform incident monitoring, response, triage and initiate investigations
Create and track incidents and requests using the ticketing tool (ServiceNow)
Analyze security event data from the network (IDS, SIEM)
Perform investigations and evaluations of network traffic, read and interpret logs, sniff packets, and perform PCAP analysis with RSA Security Analytics and Wireshark
Escalate any security incident (the confidentiality, integrity or availability of any information or information asset that is negatively impacted) to the Incident Response (IR), Incident Management team (IMT), Forensic Management Analysis team (FMAT) as needed
Conduct analysis using Splunk ES
Identify suspicious/malicious activities or codes
Perform domain and email analysis
Participate in phishing campaigns
Continuously monitor and interpret threats using the IDS and SIEM tools
Investigate all reported suspicious emails and determine whether the emails are malicious, non-malicious or legitimate and reply to the user who reported the suspicious email with a message reporting the findings and any recommendations
Perform shift handoff at the end of every shift to provide situational awareness to the incoming shift.
Performed security audits, analyzed findings, and generated detailed reports.
Developed and delivered DLP and data security training programs.
IDS monitoring and analysis through SIEM
Analyze network traffic for potential threats
Complete log analysis as needed, prioritizing and differentiating between potential intrusion attempts and false negatives
Create and track investigations to resolution
Compose security alert notifications
Ensure searches for Indicators of Compromise (IOCs) are completed when reported, through EDR tools
Monitor reported spam and phishing emails
Advise incident responders in steps to take to investigate and resolve computer security incidents
Review violations of computer security procedures and develop mitigation plans
Monitor computer virus reports to determine when to update virus protection systems
Led Architecture Design Sessions for prominent enterprise and Government clients.
Utilized Azure Data Factory integration runtime to orchestrate data ETL processes effectively.
Bank of America, Charlotte, NC
Azure Cloud Engineer
July 2019 – April 2020
Resolved issues for premier and enterprise customers across a diverse range of scenarios related to Azure products and services.
Provided engineering-level assistance to premier and enterprise customers, ensuring strict adherence to EU GDPR regulations concerning privacy.
Maintained compliance with Service Level Agreements (SLAs) by addressing customer issues across various aspects, including account management, portal functionality, and billing inquiries.
Ensured adherence to Microsoft's End User License Agreement (EULA) regulations pertaining to privacy.
Assisted premier and enterprise customers with a broad spectrum of concerns, ranging from difficulties with Azure portal access to scaling up quotas for virtual machine cores.
Conducted analysis of logs and other data to effectively troubleshoot and resolve intricate customer issues.
Collaborated with customers to gain a comprehensive understanding of their Azure accounts, portal functionality, and billing challenges.
Oversaw the successful implementation of new systems for customers, including tasks such as data migration.
Duke Energy, Charlotte, NC
Security Analyst
January 2019 – July 2019
Managed information security risk management, identity theft prevention, incident management programs, and an Intelligence program analyzing customer data using both open-source and proprietary solutions.
Generated management reports detailing network security status and providing recommendations for the adoption of new policies, standards, and procedures.
Designed innovative technologies, including but not limited to threat analysis tools, network monitoring systems, advanced malware detection solutions, and data loss prevention mechanisms.
Developed, coordinated, implemented, and maintained standards and procedures aimed at safeguarding the security and integrity of information systems and data.
Monitored and analyzed network traffic to extract insights from known malicious actors, leveraging this knowledge to formulate countermeasures against potential threats.
Presented analysis outcomes to senior management and collaborated closely with other Information Technology teams to enhance security controls, conduct forensic analysis of computer systems, and address malware-related concerns.
Introduced security metrics to mitigate vulnerabilities by analyzing historical threats, addressing risks, gaps, and violations, and implementing enhanced web protocols.
JP Morgan and Chase, Newark, DE
System Analyst
July 2018 – January 2019
Created automated shell scripts to streamline release processes and enhance Production Support tasks, including log file backups, account creations, and application security measures.
Proficient in deploying, configuring, and administering various build and release tools.
Developed automated operational utilities for managing privileged access, thereby reducing risk and bolstering security measures.
Ensured the compatibility of the LAN with individual workstations to guarantee system functionality, network connectivity, and security.
Maintained and assumed responsibility for network backups, both on-site and off-site, and executed disaster recovery plans effectively.
Toyota Motor Corporation, Los Angeles, CA
System Analyst
July 2017 – July 2018
Developed and executed manual and automated test plans.
Conducted mobile app testing and cross-browser testing.
Utilized ALM for test case management and defect tracking.
Wrote PL/SQL queries for data validation.
PNC Bank, Pittsburgh, PA
System Analyst
January 2016 – July 2017
United Healthcare, Minneapolis, MN
System Analyst
Feb 2015 – Jan 2016
Conducted manual and automated software testing.
Performed various testing types including GUI, integration, regression, and more.
Conducted compatibility testing and data validation.
Developed and executed ETL mappings, source code.
Deployed code using Ansible Tower automation tool.
Utilized BMC Remedy for incident management and defect tracking.
Wrote PL/SQL queries for data validation and ETL testing.